IL266207A - Fault tolerant automatic secret rotation - Google Patents

Fault tolerant automatic secret rotation

Info

Publication number
IL266207A
IL266207A IL266207A IL26620719A IL266207A IL 266207 A IL266207 A IL 266207A IL 266207 A IL266207 A IL 266207A IL 26620719 A IL26620719 A IL 26620719A IL 266207 A IL266207 A IL 266207A
Authority
IL
Israel
Prior art keywords
fault tolerant
secret rotation
tolerant automatic
automatic secret
rotation
Prior art date
Application number
IL266207A
Other languages
Hebrew (he)
Original Assignee
Microsoft Technology Licensing Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Technology Licensing Llc filed Critical Microsoft Technology Licensing Llc
Publication of IL266207A publication Critical patent/IL266207A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation
    • H04L41/0886Fully automatic configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/568Storing data temporarily at an intermediate stage, e.g. caching
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/40Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass for recovering from a failure of a protocol instance or entity, e.g. service redundancy protocols, protocol state redundancy or protocol service redirection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5041Network service management, e.g. ensuring proper service fulfilment according to agreements characterised by the time relationship between creation and deployment of a service
    • H04L41/5054Automatic deployment of services triggered by the service manager, e.g. service implementation by automatic configuration of network components

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Retry When Errors Occur (AREA)
  • Hardware Redundancy (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
IL266207A 2016-10-28 2019-04-23 Fault tolerant automatic secret rotation IL266207A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201662414542P 2016-10-28 2016-10-28
US15/600,129 US20180123781A1 (en) 2016-10-28 2017-05-19 Fault tolerant automatic secret rotation
PCT/US2017/057785 WO2018080950A1 (en) 2016-10-28 2017-10-23 Fault tolerant automatic secret rotation

Publications (1)

Publication Number Publication Date
IL266207A true IL266207A (en) 2019-06-30

Family

ID=62022729

Family Applications (1)

Application Number Title Priority Date Filing Date
IL266207A IL266207A (en) 2016-10-28 2019-04-23 Fault tolerant automatic secret rotation

Country Status (17)

Country Link
US (1) US20180123781A1 (en)
EP (1) EP3533200B1 (en)
JP (1) JP2019534512A (en)
KR (1) KR20190070332A (en)
CN (1) CN109891847A (en)
AU (1) AU2017351050A1 (en)
BR (1) BR112019005123A2 (en)
CA (1) CA3037351A1 (en)
CL (1) CL2019001042A1 (en)
CO (1) CO2019003766A2 (en)
IL (1) IL266207A (en)
MX (1) MX2019004860A (en)
PH (1) PH12019550031A1 (en)
RU (1) RU2019112870A (en)
SG (1) SG11201903338WA (en)
WO (1) WO2018080950A1 (en)
ZA (1) ZA201901670B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10320572B2 (en) * 2016-08-04 2019-06-11 Microsoft Technology Licensing, Llc Scope-based certificate deployment
US11018860B2 (en) 2016-10-28 2021-05-25 Microsoft Technology Licensing, Llc Highly available and reliable secret distribution infrastructure
EP3991377A4 (en) * 2019-06-26 2023-01-25 Microsoft Technology Licensing, LLC Lifecycle management of secrets on serverless platform
US11418327B2 (en) 2019-11-14 2022-08-16 International Business Machines Corporation Automatic provisioning of key material rotation information to services
CN111698088B (en) * 2020-05-28 2022-10-18 平安科技(深圳)有限公司 Key alternation method, key alternation device, electronic equipment and medium
US11979496B2 (en) 2021-09-15 2024-05-07 Microsoft Technology Licensing, Llc Secret rotation in a cloud service
WO2023043564A1 (en) * 2021-09-15 2023-03-23 Microsoft Technology Licensing, Llc. Secret rotation in a cloud service

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6965674B2 (en) * 2002-05-21 2005-11-15 Wavelink Corporation System and method for providing WLAN security through synchronized update and rotation of WEP keys
US8379865B2 (en) * 2006-10-27 2013-02-19 Safenet, Inc. Multikey support for multiple office system
CN102238002A (en) * 2010-04-30 2011-11-09 国际商业机器公司 Dynamic encryption and decryption methods and equipment for network communication
US8908868B1 (en) * 2012-05-17 2014-12-09 Amazon Technologies, Inc. Key rotation with external workflows
US8712044B2 (en) * 2012-06-29 2014-04-29 Dark Matter Labs Inc. Key management system
US9419948B2 (en) * 2013-11-15 2016-08-16 Adobe Systems Incorporated Method and apparatus for avoiding license storming during an unplanned regional blackout
US9843446B2 (en) * 2014-10-14 2017-12-12 Dropbox, Inc. System and method for rotating client security keys
US9735961B2 (en) * 2015-11-16 2017-08-15 Verizon Patent And Licensing Inc. Managing key rotations with multiple key managers

Also Published As

Publication number Publication date
CA3037351A1 (en) 2018-05-03
MX2019004860A (en) 2019-08-12
KR20190070332A (en) 2019-06-20
ZA201901670B (en) 2020-09-30
RU2019112870A (en) 2020-10-26
CN109891847A (en) 2019-06-14
US20180123781A1 (en) 2018-05-03
CL2019001042A1 (en) 2019-08-30
BR112019005123A2 (en) 2019-06-04
EP3533200A1 (en) 2019-09-04
PH12019550031A1 (en) 2019-12-02
SG11201903338WA (en) 2019-05-30
JP2019534512A (en) 2019-11-28
EP3533200B1 (en) 2020-08-19
AU2017351050A1 (en) 2019-03-28
CO2019003766A2 (en) 2019-06-28
WO2018080950A1 (en) 2018-05-03

Similar Documents

Publication Publication Date Title
IL266207A (en) Fault tolerant automatic secret rotation
SG11201607289SA (en) Polarization rotation circuit
HUE054320T2 (en) Risk-based control-to-range
GB201517787D0 (en) Fault representation
EP3132075A4 (en) Woven information bearing devices
GB2514879B (en) Self-operated barrier for flood, spill and other protection
SG10201504056PA (en) Polarization rotator
TWM534259U (en) Rotation structure
EP3504145C0 (en) Rotator arrangement
HK1249681A1 (en) Counterfeit prevention
IL248845B (en) Fault tolerant display
GB2525704B (en) Disk rotary valve having opposed acting fronts
DK3510007T3 (en) [18f]-mærket lactatderivativ som pet-radiotracer
EP3519632A4 (en) Flexibly resilient barrier
EP3215932A4 (en) Counterfeit prevention
IL258146B (en) Fault tolerant optical apparatus
IL246561A0 (en) Fault tolerant transceiver
LT3320253T (en) Rotatable link
GB201509904D0 (en) Rotary actuator
EP3504147C0 (en) Rotator arrangement
GB2556870B (en) Flood Prevention
GB201505528D0 (en) Rotational device-III
GB201500575D0 (en) Rotary actuator
EP2990614A4 (en) Rotation system
GB201407338D0 (en) Fault current limiter